<?php

session_start();

require_once("sys.inc");

if (file_exists("not_configured"))
{
	if (isset($_POST["p"]))
	{
		unlink("not_configured");
		$init_pass = password_from_string(mysql_real_escape_string($_POST["p"]));
		mysql_query("INSERT INTO $table_admin VALUES(178, '$init_pass', '', 0)");
		echo "Initial password set: " . $_POST["p"];
		return;
	}
	else
	{
?>
<html>
<body>
Master password:<br />
<form action="admin.php" method="post">
<input type="password" name="p">
<input type="submit">
</form>
</body>
</html>
<?php		
		return;
	}
	
}

if (isset($_POST["logout"]))
{
	session_destroy();
	echo "ok";
	return;
}

if (isset($_POST["login_id"]) && isset($_POST["password"]))
{
	$login_id = 0+htmlentities($_POST["login_id"]);
	$password = htmlentities($_POST["password"]);
	$q = "SELECT * 
		FROM $table_admin
		LEFT JOIN $table_player ON $table_admin.player_id=$table_player.player_id  
		WHERE $table_admin.player_id=$login_id
		";
	$result = mysql_query($q);
	if ($row = mysql_fetch_object($result))
	{
		if (crypt($password, $row->password) == $row->password)
		{
			$_SESSION["user"] = $row;
			echo "ok";
		}
		else 
		{
			echo "Wrong password";
		}
	}
	else
		echo "Wrong id";
	return;
}

if (isset($_SESSION["user"]))
	$user = $_SESSION["user"];
	
$top = "admin";
$content = "admin";
$side = "admin";

require 'tpl/index.tpl';

?>